requirements-engineer
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized command executions were detected. The skill provides a structured role-based configuration for software development requirements gathering.
- [DATA_EXFILTRATION]: No sensitive file access, credential harvesting, or unauthorized network operations were identified. External links in the metadata point to the author's official GitHub Pages site.
- [REMOTE_CODE_EXECUTION]: No remote script downloads or installations of untrusted dependencies were found. Mentions of load testing tools like 'k6' are provided as illustrative examples for non-functional requirement verification and are not executed by the skill code.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests user-supplied problem descriptions to generate requirements and work items. This ingestion is standard for the skill's purpose and does not involve high-risk capability chains.
- Ingestion points: User descriptions of business needs in the SKILL.md workflow.
- Boundary markers: Absent.
- Capability inventory: Tools for creating and planning work items (e.g., github-issues-planning).
- Sanitization: Absent.
Audit Metadata